Smart compliance solutions

How to automate an ISO 27001 security policy

Today’s business processes require faster responses and greater productivity, and sometimes they involve a lot of monotonous and repetitive work. To minimize the risks of error or failure related to such conditions, the automation of certain activities should be carefully considered by organizations. In this article, you’ll learn how to consider what can be automated during the implementation, operation, and maintenance of security policies based on ISO 27001, the leading ISO standard for information security. Which elements of the policy…

How to use Conformio ISO 27001 risk assessment software

Investments in information security always present dilemmas: How much is enough? How do you justify implementing safeguard A instead of safeguard B? To help solve these dilemmas, some organizations assess information security risks that need to be treated, most of the time manually. However, when the risk assessment process needs to provide a quick response, or needs to be performed many times in a short period, the manual and case-by-case approach may not be enough. In this article, we will…

How to handle user access management in an ISO 27001 project through Conformio

Just like your need to implement access control to your sensitive information throughout the company, you also need to control access to the information related to your ISO 27001 project. In such a project, there are several people with different needs, lots of tasks and activities, and many types of information shared. It can easily become a mess, and information that should be kept only by a few people ends up becoming common knowledge, causing the system to be burdened…

How to automate the creation of the Statement of Applicability

If you’re starting to implement ISO 27001, you’re probably looking for a way to make your job easier, and the best approach would be automating repeatable activities and the creation of reports. In this article, we’ll show you how the creation of the Statement of Applicability, one of the central documents of an ISMS compliant with ISO 27001, can be automated, based on information previously gathered during the start of the implementation, and how this is done on the Conformio…

Collaboration in ISO 27001 implementation and maintenance – How to replace a bunch of emails

From the first email that was sent back in 1971 until the present time, emailing has become a standard part of our everyday activities. But, in the age of instant messaging, smart notifications, and cloud technology, organizations are starting to feel the constraints of email communication. Nearly half of our workday is spent on reading, searching, and writing emails, so naturally, productivity and collaboration suffer. How can we deal with that? In this article, we are exploring the capabilities of…

How online software helps gain employee buy-in when implementing ISO 27001

Getting employee buy-in for implementing any management system can be difficult; in general, people don’t like change in their workplace. This quickly becomes apparent if you are trying to implement an Information Security Management System using ISO 27001:2013. So, if you want to successfully make changes in how your employees work, it helps to understand what can cause poor employee buy-in, and to consider tools that can make it easier. What are the issues that cause poor employee buy-in? Change…

Getting top management buy-in for an ISO 27001 online software

Let’s imagine that you planned well for your ISO 27001 implementation project. You have done your research and recognized the key role an ISO 27001 tool can have in dealing with the complexities of the upcoming implementation project. You have an action plan, you’ve carefully selected a team, and now you want to convince your boss that having an ISO 27001 online tool is a justifiable investment. In this article, we offer some advice on how you can present the…

How to choose the right online ISO 27001 management software

With the upsurge in technology solutions for comprehensive project and document management, there is no real shortage of online software solutions created specifically for implementing and maintaining ISO 27001. This makes it a lot harder to identify the solution that best fits your organizational operations and can truly help you implement the standard in due time. In this article, we offer advice for what to look for when searching for software to support an ISO 27001 Information Security Management System…
